Episoder

  • Show Notes:


    In this holiday episode of the IT SPARC Cast:


     - Saint Elon nixes hashtags

     - Ho Ho Holy S#!T - Apple Intelligence sucks

    AND

     - AT&T rings in the new year with RTO. You get RTO! You get RTO! You get RTO! You get RTO! You get RTO! You get RTO! 


    News Bytes:

    Turnitin’s AI Detection Sparks Controversy:

    •Colleges are increasingly using Turnitin’s AI detection feature to identify potential cheating in student papers. While Turnitin claims only a 1% false positive rate, Lou and John debate whether this figure accounts for all tests or flagged positives.

    •The backlash centers on false accusations, with some students facing ethics committees without conclusive proof.

    •Key takeaway: Institutions must balance the use of AI with fairness, ensuring students are not penalized unfairly. Schools should explore integrating AI as a learning tool rather than solely as a detection mechanism.

    •https://www.theguardian.com/technology/2024/dec/15/i-received-a-first-but-it-felt-tainted-and-undeserved-inside-the-university-ai-cheating-crisis 


     Siri’s Future in Apple’s AI Strategy

    •Nearly half of surveyed iPhone users feel Apple’s AI offerings have little value.

    •John and Lou debate whether Siri can remain relevant with competition from OpenAI and Anthropic.

    •https://9to5mac.com/2024/12/16/most-iphone-owners-see-little-to-no-value-in-apple-intelligence-so-far/ 


    Elon Musk Says Goodbye to Hashtags

    •X now uses AI-powered indexing to replace hashtags. Lou discusses the implications for search and content discovery.

    •John highlights how similar AI indexing could revolutionize enterprise search in SharePoint and other corporate tools.

    •https://x.com/elonmusk/status/1869070358210572306 


    Return-to-Office Mandates Hurt Companies

    •AT&T’s sudden RTO mandate for January 2025 sparks criticism.

    •Lou and John discuss a new study linking RTO policies to brain drain and rising turnover rates.

    •https://tech.co/news/att-five-day-return-to-officeQq 

    •https://arstechnica.com/tech-policy/2024/12/companies-issuing-rto-mandates-lose-their-best-talent-study/ 


    CVE of the Week:

    Salt Typhoon Hack Targets SS7 Networks

    •A state-sponsored attack exploits SS7, the core routing protocol for phone systems, to intercept metadata and messages.

    •Lou explains how lawful intercept capabilities intended for governments became a vector for this breach.

    •Why end-to-end encryption must become the norm for secure communication.

    •https://www.reuters.com/world/us/us-cyber-watchdog-tells-senior-officials-immediately-adopt-end-to-end-encryption-2024-12-18/ 


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 5 of this series on supporting remote workers, John and Lou focus on achieving clear audio for online meetings and remote work. They discuss sound absorption, noise suppression, software tools, and selecting the right microphone. Learn how IT professionals can help teams sound professional and distraction-free in virtual environments.


    Show Notes:


    Intro:

    •John and Lou welcome listeners to the fifth episode in the remote work series, spotlighting the critical yet often overlooked topic of clear audio in virtual meetings.


    Episode 1 - 4 Recap:

    •A quick overview of previous episodes, covering remote work policies, visual presentation, and lighting for video calls.

    •Lou highlights the importance of tackling audio as the next step in creating professional remote setups.

    •Youtube - https://youtu.be/H02u0BASJsE

    •Podcast - https://shows.acast.com/it-sparc-cast/episodes/its-essential-role-in-enabling-remote-work-productivity-flex


    Overview on Importance of Clear Audio:

    •Clear audio is more critical than video quality for effective virtual communication.

    •Poor sound quality can distract and frustrate meeting participants, overshadowing even the most well-prepared content.


    1 - Sound Absorption:

    •Tips for reducing echo and creating a “dead space” for audio clarity:

    •Use sound tiles, rugs, thick curtains, and fabric furniture to absorb sound.

    •DIY solutions like creating portable sound barriers with foam panels and cardboard.

    •Lou explains the role of non-parallel surfaces in minimizing sound reflections.


    2 - Environmental Noise Suppression:

    •Strategies to block external noise:

    •Insulating walls with materials like rock wool or QuietRock.

    •Double-pane windows and sealed gaps for improved soundproofing.

    •How landscaping can act as a natural sound barrier.


    3 - Software Noise Reduction:

    •Leveraging built-in meeting platform features (e.g., Zoom, Teams) for echo and noise cancellation.

    •External software tools like Krisp for AI-driven noise reduction, particularly useful for less optimized setups.

    •John and Lou discuss potential pitfalls of using multiple noise-cancellation systems simultaneously.


    4 - Choosing a Microphone:

    •Factors to consider when selecting a microphone for remote work:

    •USB vs. analog mics, lapel mics, and built-in laptop microphones.

    •Pros and cons of popular models like Blue Yeti and Sennheiser wireless setups.

    •How microphone choice affects mobility and audio quality in different scenarios.


    Wrap Up:

    •John and Lou invite listener feedback on improving audio setups for remote work.

    •Email your thoughts to [email protected] or connect on X @ITSPARCCast.


    Hosted on Acast. See acast.com/privacy for more information.

  • Mangler du episoder?

    Klikk her for å oppdatere manuelt.

  • In this episode of IT SPARC Cast, John and Lou discuss the rise of English and LLMs replacing programming language, AI’s potential to replace web browsers, and the latest security concerns with UEFI boot kits targeting Linux systems. Plus, a hot take on AI-written articles and their impact on the IT industry. Tune in for insights, debates, and actionable advice to stay ahead in enterprise IT.


    Show Notes:

    News Bytes:

    English as the New Programming Language:

    •Andres Karpathy’s prediction: “The hottest new programming language is English.”

    •AI tools like GitHub Copilot and OpenAI Canvas are making programming more accessible, reducing the need for traditional coding languages.

    •https://analyticsindiamag.com/ai-trends-future/2024-the-year-english-changed-the-coding-game-forever/ 


    AI’s Role in Replacing Web Browsers:

    •Mustafa Suleyman of Microsoft claims AI will become the next web browser and search engine.

    •John and Lou debate AI’s future role as the primary interface for accessing information and how it integrates with existing web technologies.

    •https://www.theverge.com/24314821/microsoft-ai-ceo-mustafa-suleyman-google-deepmind-openai-inflection-agi-decoder-podcast 


    UEFI Boot Kit for Linux:

    •A newly discovered UEFI boot kit targets Linux systems, exploiting firmware vulnerabilities to gain persistent access.

    •Lou emphasizes the importance of trusted boot processes, TPM chips, and regular firmware updates.

    •https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/ 


    John’s Hot Take:

    The Problem with AI-Written Articles:

    •John and Lou critique two articles that appear to be AI-generated, noting their lack of depth and practical advice.

    •The implications of cost-cutting measures in journalism using AI for IT professionals.

    •https://www.computerworld.com/article/3606596/enterprise-buyers-guide-how-to-choose-videoconferencing-software.html 

    •https://www.forbes.com/sites/stevemcdowell/2024/12/10/understanding-enterprise-ai-readiness-its-all-about-data/ 


    CVE of the Week:

    More WordPress Vulnerabilities

    •CVE-2024-11972: A critical vulnerability in the Hunk Companion plugin for WordPress is actively being exploited. This flaw allows attackers to silently install other vulnerable plugins, potentially opening the door to a range of attacks.

    •CVE-2024-11205: A high-severity flaw in the WP Forms plugin allows authenticated attackers with subscriber-level access to refund Stripe payments and cancel subscriptions.

    •https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html 


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 4 of this series on supporting remote workers, John and Lou focus on lighting essentials for creating an effective and professional remote workspace. They discuss types of lighting, color temperature, and practical solutions for various budgets and setups. From diffused task lighting to branded decorative elements, learn how to optimize your remote workspace for better video calls and overall productivity.


    Show Notes


    Episode 1 - 3 Recap:

    •Summary of previous episodes covering remote work benefits, structured policies, and professional setups.

    •A quick review of Episode 1, focusing on why IT leaders must care about remote work and how enabling it supports talent acquisition, resilience, cost savings, and employee satisfaction.

    •Recap of Episode 3’s focus on virtual backgrounds and how lighting enhances presentation.

    •Youtube - https://youtu.be/H02u0BASJsE

    •Podcast - https://shows.acast.com/it-sparc-cast/episodes/its-essential-role-in-enabling-remote-work-productivity-flex


    Main Discussion:


    Types of Lighting:

    •Overview of ambient, task, accent, and decorative lighting.

    •Examples of lighting setups for different workspaces: home offices, apartments, and shared spaces.


    Color Temperature and Its Importance:

    •Explanation of Kelvin scale and how it affects workspace mood and professionalism.

    •Practical tips for choosing adjustable LED lights or color-temperature bulbs for a warm, natural look.


    Budget-Friendly vs. Professional Solutions:

    •Options for all budgets: USB video lights, portable diffusers, and Philips Hue smart systems.

    •How to use ring lights effectively without creating unwanted glare on glasses.

    •Tips for managing lighting in small spaces, like kitchens or shared rooms.


    Screen as a Light Source:

    •Using your monitor or laptop screen in “light mode” to supplement lighting.

    •How small tweaks can improve your appearance on video calls without extra costs.


    Wrap Up:

    •John and Lou encourage feedback on lighting setups and other remote work topics.

    •Email your thoughts to [email protected] or connect on X @ITSPARCCast.

    •Tune in next week for Episode 5, covering audio optimization for remote workspaces.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou tackle Apple’s latest security vulnerabilities, explore Proxmox and OpenNebula as alternatives to VMware, and analyze Pat Gelsinger’s departure as Intel’s CEO. They also discuss shifting trends in IT infrastructure and the future of virtualization. Stay informed with insights and actionable advice for IT leaders.


    Show Notes


    News Bytes:

    WordPress Anti-Spam Plugin Vulnerability:

    •A critical flaw in the CleanTalk anti-spam plugin affects 200,000 sites, scoring a 9.8/10 in severity. Attackers can upload malicious plugins via DNS poisoning. Update to version 6.4.4 or above to mitigate this issue.

    •https://it.slashdot.org/story/24/11/30/1830222/wordpress-anti-spam-plugin-vulnerability-exposes-200000-sites-to-rce-attacks

    •https://www.searchenginejournal.com/wordpress-anti-spam-plugin-vulnerability-hits-200k-sites/533844/


    VMware Alternatives on the Rise:

    •Proxmox and OpenNebula make migrating from VMware easier, offering tools to reduce costs and enhance efficiency.

    •Beeks Group, a UK-based virtualization provider, saw a 1,000% VMware licensing cost increase and switched to OpenNebula, achieving a 200% VM efficiency boost.

    •https://nolabnoparty.com/en/proxmox-import-vmware-vms/?utm_source=linkedin&utm_medium=social&utm_campaign=ReviveOldPost

    •https://arstechnica.com/information-technology/2024/12/company-claims-1000-percent-price-hike-drove-it-from-vmware-to-open-source-rival/


    Intel CEO Pat Gelsinger Resigns:

    •After less than four years, Gelsinger steps down amid concerns over Intel’s turnaround strategy. Co-CEOs David Zinsner and Michelle Johnson Holthous take over as the board searches for a permanent replacement.

    •https://www.reuters.com/technology/intel-names-two-chip-industry-veterans-its-board-amid-ceo-search-2024-12-05/?utm_source=chatgpt.com

    •https://www.barrons.com/articles/intel-stock-next-ceo-5388beef?utm_source=chatgpt.com

    •https://www.ft.com/content/1da33c80-6328-49a7-be8a-e7e1221c43c0?utm_source=chatgpt.com

    •https://www.tomshardware.com/pc-components/cpus/intel-ceo-pat-gelsinger-retires-effective-immediately-also-steps-down-from-bod-two-co-ceos-step-in 


    CVE of the Week:

    Apple Cross-Site Scripting Vulnerability (CVE-2024-4308):

    •Found in macOS, iOS, and other Apple products, this vulnerability exploits malicious web content to execute unauthorized code. Apple has issued a patch—update immediately to secure your devices.

    •Tight integration between Apple systems means vulnerabilities can cascade across multiple services, emphasizing the importance of prompt updates.

    •https://www.cve.org/CVERecord?id=CVE-2024-44308

    •https://www.cve.org/CVERecord?id=CVE-2024-44309


    Wrap Up:

    John and Lou invite listener feedback on Pat Gelsinger’s exit, VMware alternatives, and other hot IT topics.


    Share thoughts at [email protected] or on X @ITSPARCCast.


    Don’t forget to like, subscribe, and share to support the podcast and help others stay updated.


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 3 of this series on remote work, John and Lou explore practical tips and tools for creating professional virtual setups. They discuss the importance of clear audio, lighting, virtual backgrounds, and IT’s role in guiding users toward better online meeting etiquette. Learn how IT teams can lead by example and support remote workers in building trust and productivity.


    Show Notes:

    John and Lou introduce the third episode in the remote work series, focusing on practical advice for creating professional virtual meeting environments.


    Episode 1 & 2 Recap:

    A quick summary of previous episodes, highlighting the benefits of remote work, the need for structured policies, and IT’s foundational role in enabling remote success.


    Links to past episodes:

    •Youtube - https://youtu.be/H02u0BASJsE

    •Podcast - https://shows.acast.com/it-sparc-cast/episodes/its-essential-role-in-enabling-remote-work-productivity-flex


    Main Discussion:

    Virtual Backgrounds and Lighting:

    •Virtual backgrounds: When to use them, how to select professional designs, and why green screens can elevate your presentation.


    Lighting essentials: Avoid shadows and use even lighting for a clear, professional look.

    •Professional Appearance in Meetings:

    •Dress appropriately for virtual meetings as you would for in-person meetings. Avoid distractions like cluttered backgrounds or noisy environments.

    •Lou shares insights on minimizing distractions caused by clothing (e.g., striped shirts causing visual artifacts).


    IT’s Role in Supporting Remote Workspaces:

    •IT departments should guide users in setting up effective virtual workspaces, including tools for virtual backgrounds, lighting, and noise reduction.

    •Collaboration with marketing teams to provide branded virtual backgrounds.

    •Encouraging IT professionals to lead by example in creating professional virtual setups.


    Key Takeaways for Remote Workers:

    •Establish a clear workspace and maintain a presentable background.

    •Choose appropriate attire, and be mindful of your environment during calls.

    •IT’s proactive guidance can prevent common virtual meeting issues and build trust in remote teams.


    Wrap Up:

    •John and Lou encourage listeners to share their own tips for remote work and professional online meetings.

    •Reach out at [email protected] or on X @ITSPARCCast.

    •Programming note: Next week’s Deep Dive will focus on lighting and video setups for remote work environments.


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 14 of IT SPARC Cast, John and Lou delve into the latest enterprise IT news. Topics include the extradition of a ransomware mastermind, a heated debate over Microsoft’s new Windows 365 Link device, and an urgent security warning for Palo Alto firewalls. Tune in for insights, analysis, and a touch of humor from IT industry veterans.


    Show Notes:


    News Bytes:

    Phobos Ransomware Leader Extradited

    •Russian national Evgenii Ptitsyn extradited to the U.S. for leading a global ransomware operation using Phobos. Alleged to have extorted over $16 million, Ptitsyn faces multiple charges and potential decades in prison.

    •Discussion on ransomware’s impact on businesses and the importance of cybersecurity insurance and enforcement.

    •https://www.darkreading.com/cyberattacks-data-breaches/phobos-ransomware-cybercriminal-extradited-south-korea 


    AI Deepfake Scandal Shuts Down Pennsylvania School

    •A student-created deepfake scandal at a private school in Pennsylvania sparks legal and parental outrage. Lou and John discuss the importance of clear policies to handle AI misuse in both schools and corporate settings.

    •https://news.slashdot.org/story/24/11/18/2122251/explicit-deepfake-scandal-shuts-down-pennsylvania-school


    Nerd Fight:

    Microsoft Windows 365 Link Device – Innovation or Nostalgia?

    •John and Lou debate the value of Microsoft’s new $349 Windows 365 Link device. John argues it’s a game-changer for secure remote work, while Lou critiques it as a glorified “dumb terminal.”

    •They discuss its potential use cases in IT-controlled environments, from call centers to flexible remote work setups.

    •https://techcommunity.microsoft.com/blog/windows-itpro-blog/windows-365-link—the-first-cloud-pc-device-for-windows-365/4302687


    CVE of the Week:

    Palo Alto Zero-Day Exploits (CVE-2024-00012)

    •Critical vulnerabilities in Palo Alto firewalls allow attackers to bypass authentication and escalate privileges to root access. Lou provides practical tips for mitigating risks, including internal whitelisting and VPN use.

    •John highlights the need for zero-trust architecture to combat modern multi-vector attacks.

    •https://www.securityweek.com/palo-alto-patches-firewall-zero-day-exploited-in-operation-lunar-peek/


    Wrap Up:

    •John and Lou invite listeners to share opinions on the Windows 365 Link device and other topics via [email protected] or @ITSPARCCast on X.

    •Programming note: IT SPARC Cast will return on December 4th with a deep dive on IT support for remote work and more enterprise IT news on December 6th.


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 2 of this multi-part series, John and Lou dive deeper into IT’s role in supporting remote work. They discuss the critical elements of successful remote work environments, including clear communication infrastructure, robust digital tools, structured policies, and trust-based management. Explore how IT leaders can create a remote work culture that fosters productivity, collaboration, and employee satisfaction.


    Show Notes:


    Episode 1 Recap:

    •A quick review of Episode 1, focusing on why IT leaders must care about remote work and how enabling it supports talent acquisition, resilience, cost savings, and employee satisfaction.

    •Youtube - https://youtu.be/H02u0BASJsE

    •Podcast - https://shows.acast.com/it-sparc-cast/episodes/its-essential-role-in-enabling-remote-work-productivity-flex


    Clear Communication Infrastructure:

    •Importance of synchronous and asynchronous communication tools (e.g., Zoom, Teams).

    •Encouraging video-on for meetings while respecting personal boundaries.

    •Regular team check-ins and 1:1s to mitigate disconnection and improve engagement.

    •AI tools for automated note-taking and action item tracking during meetings.


    Strong Digital Tools & Systems:

    •Evaluating project management platforms (e.g., Monday, Trello) for collaboration.

    •Addressing secure file sharing and time zone management challenges.

    •Innovations in video conferencing and telepresence setups for better engagement.


    Structured Remote Work Policies:

    •Setting clear expectations for availability, dress code, and meeting attendance.

    •Offering flexibility in status reporting formats (e.g., text, audio, or video).

    •Providing the right equipment and training while ensuring proper asset tracking.


    Cultural Elements:

    •Encouraging work-life balance and trust-based management styles.

    •Creating intentional social connection opportunities (e.g., virtual break rooms, watch parties).

    •Inclusive practices to prevent remote worker isolation and build stronger teams.


    Management Practices:

    •Emphasizing outcomes over hours worked.

    •Structured performance reviews and effective goal-setting.

    •Using written communication to document priorities and expectations.


    Wrap Up:

    •John and Lou invite feedback on tools, policies, and practices for supporting remote workers.

    •Connect via [email protected] or on X @ITSPARCCast.

    •Programming Note: New episodes will resume after Thanksgiving on December 4th and December 6th.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou cover the latest in AI and cybersecurity. OpenAI prepares to launch locally-hosted AI agents, Salesforce ramps up its AI-powered products with new hires, and 19 critical vulnerabilities in Android demand immediate attention. Tune in for insights on how these developments impact enterprise IT and security.


    Show Notes:


    News Bytes:

    OpenAI to Launch Local AI Agents

    •OpenAI’s “Operator” project will bring AI agents to local devices, enabling automation of tasks across platforms. This advancement could revolutionize daily workflows by integrating data from multiple enterprise systems into a unified report.

    •Discussion on potential enterprise applications, from log analysis to anomaly detection, all within secure local environments.

    •https://www.theverge.com/2024/11/13/24295879/openai-agent-operator-autonomous-ai 


    Salesforce’s AI Expansion with AgentForce

    •Salesforce announces plans to hire 1,000 people to support its new AI product, AgentForce, a platform for building intelligent agents for customer service and internal use.

    •This move reflects the growing demand for no-code AI tools and signals Salesforce’s commitment to AI-driven business solutions.

    •https://slashdot.org/story/24/11/10/1819213/salesforce-to-hire-1000-people-for-big-ai-product-sales-push 

    •https://finance.yahoo.com/news/salesforce-hire-1-000-people-194931457.html


    Meet Wi-Fi 8: Reliability Over Speed

    •Early details about Wi-Fi 8 show a focus on stability rather than speed, addressing connection drops common in current high-speed protocols.

    •Discussion on the benefits for IoT devices and the challenges of implementing new standards across existing infrastructure.

    •https://www.pcworld.com/article/2518469/meet-wi-fi-8-which-will-trade-speed-for-a-more-reliable-experience.html 


    CVE of the Week:

    19 Critical Android Vulnerabilities

    •Google’s latest Android update addresses 19 high-severity security holes, with two already actively exploited (CVE-2024-43047 and CVE-2024-43093).

    •These vulnerabilities affect a wide range of devices and could compromise Android’s sandbox environment. John and Lou emphasize the importance of prompt patching and secure device management for enterprises.

    •https://source.android.com/docs/security/bulletin/2024-11-01 


    Wrap Up:

    •John and Lou invite feedback on potential topics, especially regarding vendor earnings and their implications for the IT sector. Reach out at [email protected] or on X @ITSPARCCast.

    •Don’t forget to like, subscribe, and share to keep up with the latest in IT news.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this first episode of a new series, John and Lou explore IT’s critical role in supporting remote work. They discuss why remote work matters, the benefits it brings to employees and businesses, and why a mandated return to the office (RTO) may not be the best path forward. Get insights into how IT can help sustain productivity and enhance job satisfaction in a remote environment.


    Show Notes:


    Intro:

    •John and Lou introduce the multi-part series on remote work, exploring how IT can optimize remote setups for productivity and flexibility.


    Why Should We Care About Remote Work?

    •The benefits of remote work include productivity boosts, better work-life balance, and access to a broader talent pool.

    •Cost savings for both employees (commute, meals) and companies (office space).

    •Increased flexibility improves employee satisfaction and retention, a critical metric in today’s competitive job market.


    Why Are We So Adamant About Promoting Remote Work?

    •Both John and Lou have extensive experience managing remote teams and have seen the benefits firsthand.

    •Remote work offers flexibility for life’s demands (e.g., elder care) and can significantly improve mental and physical health.

    •They argue that modern tools and technology make remote work not only feasible but often preferable.


    State of the RTO (Return to Office) Effort:

    •Large companies, like Amazon, are mandating RTO, often citing productivity concerns. John and Lou view this as a micromanagement issue.

    •Examples from companies like Pinterest show that flexible work policies can boost innovation and reduce real estate costs.

    •https://www.fastcompany.com/91225476/pinterest-exec-companies-that-force-workers-back-to-the-office-are-missing-the-big-picture

    •Insight into how cultural shifts and management adjustments can sustain remote productivity without requiring full-time office presence.


    Wrap Up:

    John and Lou invite feedback on the pros and cons of remote work, asking listeners to share their experiences and opinions.


    Stay tuned for future episodes diving into IT strategies, tools, and setups that enhance remote work efficiency.


    Connect via [email protected] or on X @ITSPARCCast.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this Episode of IT SPARC Cast, John and Lou dive into the latest in IT security and automation. They cover TP-Link devices forming a massive botnet, GitHub’s AI-powered Spark for micro app creation, and a critical SharePoint vulnerability (CVE-2024-38094) that’s being actively exploited. Tune in for insights, proactive solutions, and the importance of robust patching policies.


    Show Notes:


    News Bytes:

    TP-Link Botnet Threats:

    •Hackers using over 8,000 compromised TP-Link routers in password-spray attacks targeting Microsoft Azure accounts. The botnet, known as “Botnet 7777,” operates stealthily across 16,000 devices, largely evading detection.

    •Discussion on how home and small business devices, like TP-Link, may pose hidden risks in networks due to infrequent patching.

    •https://arstechnica.com/information-technology/2024/11/microsoft-warns-of-8000-strong-botnet-used-in-password-spraying-attacks/#gsc.tab=0 


    GitHub’s Spark for AI Micro Apps:

    •GitHub introduces Spark, a tool allowing users to create micro applications using natural language commands. This AI-powered system promises efficiency for non-coders and customizable app creation for IT departments.

    •John and Lou discuss the potential of Spark in enterprise environments and the future of no-code tools for network and software automation.

    •https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html


    Google’s Big Sleep Project Discovers Real-World Exploits:

    •Google’s Big Sleep project, an AI-assisted vulnerability research tool, recently identified an exploitable stack buffer overflow in SQLite before its public release.

    •Highlighting how AI is becoming a critical resource for vulnerability detection, with this discovery marking a significant step in proactive security.

    •https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html


    CVE of the Week:

    SharePoint Vulnerability - CVE-2024-38094:

    •A recently patched vulnerability in SharePoint has seen exploitation in the wild. Rated 7.2 in severity, this issue allows attackers to run unauthorized code on vulnerable SharePoint servers.

    •John and Lou stress the need for timely patching and suggest tools for network administrators to keep an eye on such vulnerabilities in on-prem environments.

    •https://www.csoonline.com/article/3598616/a-new-sharepoint-vulnerability-is-already-being-exploited.html 


    Wrap Up:

    John and Lou invite listeners to share thoughts on SharePoint’s role in the enterprise and suggest any topics for future episodes. Connect with [email protected] or follow @ITSPARCCast on X.


    Don’t miss next week’s deep dive on supporting remote work in enterprise IT.


    Hosted on Acast. See acast.com/privacy for more information.

  • In the final episode of this three-part series, John and Lou discuss the future of AI in K-12 education. They cover how IT leaders stay informed on AI developments, the role of AI in classrooms, and best practices for collaboration among school districts. Discover insights on building policies that balance innovation with responsibility and explore the partnerships shaping AI’s role in education.


    Show Notes:


    Intro:

    •John and Lou welcome listeners to the last part of the K-12 AI series, covering AI policy development and district collaboration for the future of AI in schools.


    Recap:

    •Summary of Episodes 1 and 2: The current state of AI in schools, human impacts, and AI’s effect on students, teachers, IT staff, and parents.

    •Youtube Episode - Part 1 - https://youtu.be/CU1CryyZkIE

    •Youtube Episode - Part 2 - https://youtu.be/wLR6g81yLpc 

     


    Question 7: Staying Informed on AI Developments

    •District 1 utilizes conferences like Maine Educational Technology Association (META) and an AI sandbox project with the University of Maine to stay up-to-date.

    •District 2 stays informed through online forums and “thinking like a student,” searching topics students might explore about AI.


    Question 8: AI’s Role in the Future of Education

    •District 1 emphasizes balancing AI benefits with responsible use, focusing on policy to deter misuse (e.g., cheating).

    •District 2 views AI as an integral tool in high school education, focusing on guidance for ethical usage as AI adoption grows.


    Question 9: Collaboration with Other Districts and Organizations

    •District 1 collaborates with Maine Educational Technology Association (META) and the University of Maine, while District 2 shares resources through the New Hampshire CTO group.

    •Both districts highlight the importance of real-time communication among teachers, IT staff, and administrators to adapt AI policies.


    Wrap Up:

    John and Lou conclude the series, inviting feedback from educators, IT directors, and parents. Join the conversation at [email protected] or on X @ITSPARCCast.

    Stay tuned for next week’s series on remote work and enterprise IT.


    Hosted on Acast. See acast.com/privacy for more information.

  • In Episode 11 of IT SPARC Cast, John and Lou unpack high-stakes lawsuits and investigations shaking the IT industry. They cover AT&T’s clash with Broadcom over VMWare support costs, Delta’s lawsuit against CrowdStrike after a massive flight disruption, and Ernst & Young’s exit as Super Micro’s auditor. Join us for insights on how these cases impact IT decision-makers, plus our CVE of the Week and security tips for handling layoffs.


    Show Notes:


    News Bytes:


    Return to Office Programs Losing Steam:

    •New data shows that 80% of companies have return-to-office policies, but only 17% enforce them. Lou and John discuss how “quiet covering” by managers is keeping remote work alive and the risks of enforcing in-office requirements.

    •https://www.yahoo.com/news/back-office-orders-become-common-100031656.html 


    AT&T Sues Broadcom Over VMWare Support Costs:

    •AT&T claims Broadcom violated a VMWare support agreement, raising fees by 1,000% after switching to a subscription model. The New York Supreme Court issued a temporary restraining order to maintain AT&T’s support during negotiations.

    •https://www.theregister.com/2024/10/16/att_broadcom_vmware_settlement_possible/ 

    •https://www.techtarget.com/searchVMware/news/366614302/Court-asks-ATT-Broadcom-to-resolve-VMware-dispute 

    •https://arstechnica.com/information-technology/2024/10/a-year-after-broadcoms-vmware-buy-customers-eye-exit-strategies/ 


    Delta Airlines vs. CrowdStrike:

    •Delta is suing CrowdStrike over a botched update that caused a $500 million impact on operations, affecting 1.3 million passengers. Lou breaks down how the lawsuit may shape the future of endpoint security.

    •https://www.reuters.com/legal/delta-sues-crowdstrike-over-software-update-that-prompted-mass-flight-2024-10-25/ 


    Super Micro Under Federal Investigation:

    •Ernst & Young resigned as Super Micro’s auditor, citing internal control issues. Super Micro’s shares plummeted 33%, leading IT leaders to consider alternative hardware providers or renegotiate for better pricing.

    •https://www.cnbc.com/2024/10/30/super-micro-auditor-resigns-after-raising-concerns-months-earlier.html


    CVE of the Week:


    Reflecting on CVE’s 25 Years of Service:

    •Instead of a specific CVE, John and Lou honor the CVE system’s contribution to cybersecurity. They discuss its origins with MITRE and its essential role in keeping systems secure.

    Insider Threat Spotlight: 

    •Lou shares a story about a former Disney employee who hacked internal systems to disrupt menu displays, demonstrating the need for stricter access management during terminations.

    •https://www.theregister.com/2024/10/30/fired_disney_employee_hacks_menu/ 


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast Deep Dive, John and Lou continue with the second of three parts of the discussion on AI in K-12 and primary education. They dive into how schools address AI-assisted cheating, privacy challenges, and the role of IT departments in crafting responsible AI policies. Learn about real-life strategies from school IT leaders and the importance of collaboration in using AI effectively in education.


    Show Notes:


    Intro:


    John and Lou kick off by recapping the first episode, where they compared two school districts’ approaches to AI in education.


    Deep Dive:


    AI and Cheating Detection

    •Concerns around plagiarism: Districts are exploring AI detection tools but worry about false positives.

    •Some schools now require all assignments to be written in Google Docs to track typing patterns and prevent AI-assisted submissions.

    •Discussion on the evolving tactics students might use to bypass these measures.


    Collaborative Policy Development

    •Districts are conducting “AI tours” and working with digital learning specialists to educate teachers on safe AI tools and data privacy.

    •Schools emphasize collaboration between IT, teachers, and administrators to ensure that AI policies align with classroom needs.


    Managing Student Devices

    •IT departments are limiting AI tools on student Chromebooks, while allowing teachers access to approved educational AI applications.

    •Google’s admin console gives schools control over Chromebooks, enabling restrictions that align with educational goals and privacy requirements.


    Experimenting with Prompt “Poisoning” to Detect AI Usage

    •John and Lou test a strategy where obscure references are added to prompts to detect AI-generated work, revealing mixed results in effectiveness.

    •They discuss the importance of educating teachers to recognize AI-generated assignments and use critical questioning to assess student knowledge.


    Wrap Up:


    John and Lou encourage feedback from educators and IT professionals on AI’s role in schools, inviting emails at [email protected] and comments on X @ITSPARCCast.


    Listeners are urged to subscribe, share, and stay tuned for next week’s episode on AI’s future in education.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou tackle VMware’s shifting strategy under Broadcom, discussing whether the virtualization giant is losing ground. They also dig into the resurgence of the Spectre vulnerability and what it means for IT security in 2024. Plus, with recent fines over the 2020 SolarWinds hack, CISOs are facing more pressure to cover their bases. Tune in for expert opinions and insights from the world of Enterprise IT.


    Show Notes:


    News Bytes:


    VMWare’s Future Under Broadcom:

    •With Broadcom’s acquisition of VMWare, companies are jumping ship due to rising costs. 

    •John and Lou discuss potential alternatives

    •https://www.linkedin.com/posts/prgmd_has-broadcom-killed-vmware-many-businesses-activity-7253122328279076866-FfjD?utm_source=share&utm_medium=member_ios


    AI Agents: Anthropic’s and Microsoft’s Automation Tools

    •Anthropic’s AI Agents:

    •New AI models automate tasks like keystrokes and mouse clicks, aimed at software developers.

    •https://www.reuters.com/technology/artificial-intelligence/anthropic-releases-ai-automate-mouse-clicks-coders-2024-10-22/?_bhlid=11acf92736eb5937f843fe68c430b79a27b05f8f


    •Microsoft’s AI Agents:

    •No-code AI tools for automating daily tasks, releasing in November.

    •Easy access to AI-powered automation without programming skills.

    •https://www.reuters.com/technology/artificial-intelligence/microsoft-allow-autonomous-ai-agent-development-starting-next-month-2024-10-21/ 


    AGI Prompt Attacks: Deceptive Delight

    •Researchers found a method to trick AGI models into revealing restricted info with cleverly crafted prompts.

    •AI systems can be manipulated to reveal hidden data, posing risks for sensitive information handling.

    •https://thehackernews.com/2024/10/researchers-reveal-deceptive-delight.htmlhttps://thehackernews.com/2024/10/researchers-reveal-deceptive-delight.html 


    CISO Accountability in the SolarWinds Fallout:

    •CISOs are becoming the new shields for corporations and what this means for corporate liability in data breaches.

    •https://www.csoonline.com/article/3578782/four-firms-charged-fined-over-handling-of-solarwinds-hack-disclosures.html


    CVE of the Week:


    Spectre Bug Resurfaces:

    •Despite widespread patches since 2017, Spectre is back in the spotlight. 

    •This time, researchers found a way to bypass hardware mitigations and access root passwords, leaving companies exposed. 

    •https://www.phoronix.com/news/Torvalds-Frustrated-Buggy-HW



    Hosted on Acast. See acast.com/privacy for more information.

  • In this inaugural episode of IT SPARC Cast Deep Dive, John and Lou explore the impact of AI on K-12 education. They discuss how different school districts are handling the integration of AI tools, including the use of tools like ChatGPT and Google Gemini. Are schools ready for this shift, or are they playing catch-up? Join the conversation as they examine the challenges, policies, and future of AI in the classroom.


    Show Notes:


    AI in the Classroom: A Case Study:


    John spoke with two IT directors from different school districts—one in a rural, lower-income area (School A) and another in a more affluent, suburban district (School B). They compare how these districts are tackling the challenges of AI in education.

    •School A has implemented an acceptable use policy focused on preventing plagiarism with AI tools like ChatGPT.

    •School B has adopted School AI, a specialized tool that monitors student AI use and helps keep them on task.


    ChromeBooks and Google Gemini:


    The rise of AI-integrated hardware in education is becoming a growing concern, with Google Gemini’s introduction to new ChromeBook models. Will schools be able to control these tools effectively, or will they be forced to adopt AI faster than they are prepared for?


    Student Learning and AI:

    Both districts are at different stages of AI adoption, but both recognize the importance of educating teachers on responsible AI use before fully integrating it into the classroom. AI tools like Canva and School AI have been introduced to help students, but privacy and ethical concerns loom large.


    Wrap Up:


    John and Lou discuss their takeaways: Schools are at the beginning stages of AI adoption, but they are aware of the challenges ahead. They encourage listeners to share their experiences and insights regarding AI in education.


    Feedback and topic suggestions: [email protected] or @ITSPARCCast on X.


    Like, subscribe, and turn on notifications for more IT deep dives and expert opinions.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou dive into the complexities of open source funding, the future of data centers powered by small modular nuclear reactors, and critical security vulnerabilities you need to know about. With a CVE hitting your firewall hard and the increasing fragility of AI systems, we cover what you need to secure your enterprise IT systems. Tune in for insights from seasoned pros in the IT space.


    Show Notes:


    News Bytes:


    • Open Source in Crisis: How enterprises rely on open source software and the importance of funding it.

    • Python and Linux are at the core of infrastructure, but without proper support, businesses are at risk.

    • Example: The left-pad NPM issue that caused widespread disruptions.

    • How can businesses support open-source projects?

    • Corporate sponsorships, direct monetization, and intermediary companies like Red Hat and Canonical are crucial solutions.

    • A spotlight on Germany’s Sovereign Tech Fund, leading the way in public aid for open source.

    • https://www.infoworld.com/article/3557846/how-do-we-fund-open-source.html

    • AI’s Growing Energy Demands

    • Amazon and the U.S. Department of Energy are collaborating on small modular nuclear reactors (SMRs) to power data centers.

    • Microsoft, Amazon, and others are exploring nuclear power to handle the future energy demands of AI.

    • Lou explains the cutting-edge advancements in liquid fluorine salt reactors and their potential future applications.

    • https://www.geekwire.com/2024/doe-announces-900m-for-next-gen-reactors-as-amazon-launches-nuclear-power-pursuit/

    • The Changing Landscape of IT Jobs

    • Despite big layoffs from tech giants, smaller companies are filling the gap.

    • AI and its role in reshaping the IT job market, including a shift toward roles in tech support, help desk, and AI development.

    • https://www.computerworld.com/article/3554907/big-shift-in-it-employment-shows-new-skills-are-needed.html


    CVE of the Week:


    • Firewall Meltdown: Fortinet, Palo Alto, and Check Point firewalls are facing severe vulnerabilities with CVEs like 2024-23113.

    • Fortinet’s OS vulnerabilities could allow attackers to execute arbitrary commands.

    • Palo Alto’s CVEs include operating system-level command injection vulnerabilities with a severity rating of 9.9 out of 10.

    • What should you do? Embrace defense-in-depth strategies and stay in touch with your firewall vendors for immediate updates.

    • https://nvd.nist.gov/vuln/detail/CVE-2024-23113 

    • https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html 


    Wrap Up:


    •Call for feedback: Send your topic ideas or feedback to [email protected] or connect with us on X (@itsparccast).

    •Be sure to like, subscribe, and turn on notifications so you don’t miss next week’s insights into enterprise IT.


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou tackle the latest tech news, including a troubling Microsoft vulnerability affecting Mac apps, a phishing scam using physical mail, and malware targeting air-gapped networks. They also preview an upcoming book critiquing tech management practices and delve into Gartner’s 2024 tech trends. Tune in for insights, opinions, and practical advice for staying ahead in the IT world.


    Show Notes:


    News Bytes:

     â€˘ Microsoft’s Mac App Vulnerability: The hosts dive into a security issue affecting Microsoft’s Mac apps, where an entitlement disables MacOS’s hardened runtime, potentially allowing malicious DLL execution. Microsoft has partially addressed the issue but left some apps vulnerable.

    https://www.macworld.com/article/2432176/microsoft-apps-on-the-mac-have-a-security-hole-that-wont-get-fixed-soon.html


     â€˘ Air-Gapped Network Threats: Lou shares news about sophisticated malware targeting air-gapped networks, discovered by ESET. The malware employs USB drives for infiltration and advanced techniques for data exfiltration. The discussion touches on the human factor in security and the evolving threat landscape.

    https://arstechnica.com/security/2024/10/two-never-before-seen-tools-from-same-group-infect-air-gapped-devices/  


     â€˘ Old-School Phishing Goes Physical: Phishing has gone back to basics, with scam letters arriving in physical mailboxes in Germany, mimicking legitimate bank correspondence. John shares a personal phishing experience, emphasizing the need for skepticism, even with familiar-looking messages.

    https://www.pcworld.com/article/2419859/police-warn-of-deceptively-genuine-phishing-by-post-how-the-scam-works.html


     â€˘ Book Preview – “Fatal Abstraction”: Lou introduces an upcoming book arguing that managerial practices are to blame for many tech problems, touching on over-reliance on software and management misunderstandings. The hosts discuss management issues and software’s limitations in solving business challenges.

    https://www.theverge.com/2024/10/8/24265264/what-if-techs-problem-is-management 


     â€˘ Gartner’s 2024 Technology Trends: The episode touches briefly on Gartner’s top tech trends for the upcoming year, including AI trust and security, continuous threat exposure management, and industry cloud platforms. 

    https://www.gartner.com/en/articles/gartner-top-10-strategic-technology-trends-for-2024


    CVE of the Week:

     â€˘ “PerfCTL” Linux Malware: This week’s CVE is a stealthy malware called “PerfCTL,” which exploits servers for cryptocurrency mining or malicious network activity. The hosts recommend packet-based analytics tools to detect unusual network behavior and discuss how to protect against such threats.

    https://www.wired.com/story/perfctl-stealthy-malware-infected-linux-systems


    Hosted on Acast. See acast.com/privacy for more information.

  • In this episode of IT SPARC Cast, John and Lou dive into Dell’s controversial return to office mandate, the future of Intel’s chip strategy, and the latest on Linux vulnerabilities. They discuss disaster recovery strategies, cybersecurity awareness, and how being prepared beats being lucky when disasters strike. Tune in for Lou’s Hot Take on crisis management and how IT pros can navigate unexpected events with smart planning. As always, we cover the latest IT news, CVEs, and much more!


    Show Notes:


    News Bytes


    • Dell’s In-Office Policy: How Dell’s move to require five days in the office is sparking employee discontent, and why remote work might still be the future.

    • https://content.techgig.com/technology/wfh-ends-at-dell-sparks-outrage-among-employees/articleshow/113772027.cms


    • Intel’s Gamble: Intel’s big bet on the 18A process and how Clearwater Forest Xeon chips could make or break the company’s dominance in data centers.

    • https://www.tomshardware.com/pc-components/cpus/intels-turnaround-plan-revolves-around-this-one-chip-family-clearwater-forest-pictured-intels-first-18a-chip-slated-for-high-volume-manufacturing


    CVE of the Week


    • CUPS Vulnerability: A new Linux CUPS vulnerability has been exposed, affecting printing services across systems. It’s a serious root-level exploit, and we break down the steps to mitigate it. Plus, a special shoutout to @EvilSocket on X for reporting the issue.

    • Check it out: exploit sandbox here: https://x.com/ippsec/status/1841463975734657440


    Lou’s Hot Take


    • Prepared vs. Lucky: In light of recent natural disasters, Lou emphasizes the importance of being prepared. He shares how IT teams can ensure continuous service during crises and highlights the increasing role of satellite communication (e.g., Starlink) for backup.


    Have thoughts or feedback? Email us at [email protected] or find us on X @itsparccast.


    Be sure to like, subscribe, and turn on notifications to stay updated on future episodes!


    Hosted on Acast. See acast.com/privacy for more information.

  • IT SPARC Cast - September 27 2024: Old-School Linux, AI Monetization, and Unpatched Linux Exploits


    Brief Description:


    In this week’s episode, John and Lou dive into the latest IT news with a nostalgic look at Linux running on a 1971 Intel processor, Cloudflare’s new AI bot marketplace, and an alarming unpatched vulnerability in the Linux kernel. They explore the implications of these stories for the enterprise, including hybrid work concerns, the evolving landscape of enterprise security, and key strategies for navigating IT challenges. Lou delivers a hot take on the future of remote work, and John addresses how enterprise IT can better adapt to changing workplace dynamics.


    Episode Sections:


    News Bytes

    •Linux on Intel 4004 Processor: A tech enthusiast boots Linux on a vintage Intel 4004.

    •Necro Trojan on Google Play: The Necro Trojan malware has infected millions of devices via the Google Play Store, posing a threat to enterprise networks through sideloading apps.

    •Cloudflare’s AI Marketplace: Cloudflare introduces a marketplace allowing websites to charge AI bots for scraping data. This could open revenue streams for content-heavy enterprises.

    •Smartsheet Goes Private: Smartsheet is set to go private in an $8.4 billion deal, reflecting a strategic pivot aimed at long-term growth.


    CVE of the Week

    •Unpatched Linux Exploit: A severe vulnerability (severity score of 9.9) affecting all modern Linux systems has been discovered, allowing full unauthenticated remote access. With no fix yet available, this exploit could have major implications for IoT devices and enterprise infrastructure.


    Lou’s Hot Take

    •Remote Work Backlash: Lou takes on the growing trend of companies, including Amazon, forcing employees back into the office. He explores the potential long-term consequences for retention, productivity, and employee satisfaction.


    Wrap Up

    •Format Feedback: John and Lou ask listeners for feedback on possibly breaking the show into shorter, more focused segments. They discuss upcoming tweaks to the show format based on listener suggestions.


    Links:


    •Linux Intel 4004 boot kit - https://www.tomshardware.com/pc-components/cpus/linux-takes-476-days-to-boot-on-an-ancient-intel-4004-cpu-cpu-precedes-the-os-by-20-years 

    •Necro Trojan - https://www.securityweek.com/necro-trojan-infects-google-play-apps-with-millions-of-downloads/ 

    •Cloudflare’s AI marketplace - https://techcrunch.com/2024/09/23/cloudflares-new-marketplace-will-let-websites-charge-ai-bots-for-scraping/

    •Smartsheet’s $8.4 billion acquisition - https://www.geekwire.com/2024/smartsheet-acquisition-competing-bids-unlikely-8-4b-deal-could-fuel-other-private-equity-buyouts/

    •Computer World article on Amazon’s return to office policy - https://www.computerworld.com/article/3532158/amazons-rto-mandate-likely-to-boomerang-other-companies-should-not-follow-suit.html


    Hosted on Acast. See acast.com/privacy for more information.